ManageEngine® Firewall Analyzer Read Me

Notes: This readme file was current at the time of product release. However you should check for documentation updates at the Firewall Analyzer web site: http://www.fwanalyzer.com/


Table of Contents

  1. About Firewall Analyzer
  2. Release Overview
    1. 7.6 - Build 7600 (GA)
    2. 7.4 - Build 7400 (GA)
    3. 7.2 - Build 7021 (GA)
    4. 7.2 - Build 7020 (GA)
    5. 7.0.1 - Build 7001 (GA)
    6. 7.0 - Build 7000 (GA)
    7. 6.0 - Build 6000 (GA)
  3. System Requirements
    1. Platform Requirements
    2. Web Browser Requirements
  4. Installation
    1. Installing and Uninstalling
    2. Default ports used by Firewall Analyzer
  5. Starting and Shutting Down
  6. Known Issues and Limitations
  7. Document Set
  8. Contact Information
  9. About ZOHO Corp.
  10. License Agreement

1. About Firewall Analyzer

Firewall Analyzer is an easy-to-use, web-based tool that provides in-depth analysis of incoming and outgoing network activity through firewalls, VPNs, and proxy servers. Firewall Analyzer analyzes these logs and generates useful reports on bandwidth usage, user trends, detect anomalies, and firewall activity.

Such information helps IT administrators manage their enterprise networks pro actively and also accelerates the troubleshooting process.

2 Release Overview

The new features, bug fixes and limitations in each of the release are mentioned below,

 

7.6 - Build 7600 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition

 

New Features - Admin Server

There are no new features available for Admin Server in this release

 

New Features - Collector Server

The general features available in this release include,

 

7.6 - Build 7600 -Standalone Edition

The general features available in this release are:

New Features

  1. New Devices supported:
  1. Option to identify non standard protocols (Unknown Protocol) detail in your network.
  2. Email alert notification when Firewall Analyzer fails to write the logs in archive
  3. SFTP/SSH protocol support to import logs from remote machines
  4. Optionally, traffic logs can be indexed and searched
  5. Advanced Search can now be used to find the exact Port/Protocol details
  6. Showing the conversation (source/destination/protocol) details for anomaly alert in mail
  7. Troubleshooting tool to apply License file in case of product license expiry
  8. Users with 'Guest' privilege can now access the'Compliance' tab
  9. Firewall Analyzer will henceforth be using PostgresSQL database

Bug Fix

  1. Wrong alert message showing double the number of managed devices compared to the License count has been fixed
  2. Fixed the Windows Authentication issue in Admin server MS SQL setup
  3. SonicWALL device interface name parsing issue is fixed
  4. Fixed the issue to retain the Y-axis value as integer in Time Series graph in PDF export
  5. Allowed URL reports will now be populated for Palo Alto devices
  6. Parsing issue of Juniper SSL logs fixed
  7. Native OS (German and French) Installation issue fixed
  8. 'DisplayName' of the device will be shown now in Change Management alerts, Anomaly alerts and Compliance reports instead of 'ResourceName'

 

7.4 - Build 7400 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition.

New Features - Admin Server

The general features available in this release include,

New Features - Collector Server

The general features available in this release include,

7.4 - Build 7400 - Standalone Edition

The general features available in this release are:

New Features

  1. Supports 'IPFIX with extensions' based flows (for SonicOS 5.8) - reports include top URLs, applications, users, viruses, attacks, intrusions, spyware, etc.
  2. Dedicated compliance section for device rules configurations, firewall rules monitoring, change management reports and alerts
  3. Detailed reports for applications accessed through Check Point and SonicWALL devices
  4. Consolidated VPN traffic reports for user-groups
  5. 'Exclude criteria' option now allows users to generate configuration change management reports that excludes certain specific lines or text
  6. Importing 'Local Host' log directory is now supported
  7. 'Intranet Settings' can now be configured for multiple devices
  8. For FTP log import from remote hosts, in addition to specifying time interval users can now specify 'Schedule Start Time'
  9. 'Scheduled Reports' can be now saved in the machine running Firewall Analyzer
  10. Active Directory or RADIUS can be set as default authentication for Firewall Analyzer login
  11. Active Directory Users can now be imported at the Organizational Unit level, Group level and Individual User level

Bug Fix

  1. Fixed indexing of Juniper IDP attack logs
  2. Increased the default value of row count of reports in PDF format from 10 to 100
  3. Fixed the usability issue in Scheduling Device Rule
  4. Fixed the Parser Rule issue for Cisco Message Id 713119
  5. Fixed Change Management Alert issue when difference in configuration content has dollar symbol in it
  6. Fixed the 'device credentials test button' issue
  7. Fixed issue in detecting dynamic file name changes, during scheduled import
  8. The issue with 'SNMP community string with special characters' to access the interface is fixed
  9. The issue in parsing unused ACEs of Cisco firewall is fixed

7.2 - Build 7021 - Standalone Edition

The bug fix available in this release are:

Bug Fix

 

7.2 - Build 7020 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition.

New Features - Collector Server

The general features available in this release include,

7.2 - Build 7020 - Standalone Edition

The general features available in this release are:

New Features and Enhancements

  1. New Device/Log Format supported
  2. Application reports for Fortigate firewalls based on Application Control service
  3. Support for Virtual Firewalls of Cisco and Fortigate devices. By default, each context/vdom is displayed as separate device
  4. Alerts based on bandwidth utilization of a specific interfaces
  5. Client UI and email notification for Firewall Status Alerts for the following conditions:
  6. View unused ACEs details of ACLs, for Cisco devices available in Unused Rules report
  7. Real-time Syslog collection from Squid proxy server supported
  8. Complete time duration details of the VPN user sessions available in 'VPN User Session Details' reports under VPN Reports
  9. Option to export 'VPN User Session Details' report to other formats, while clicking 'View All' link
  10. Zone based and interface specific Live reports using SNMP for Netscreen devices
  11. Change Management Report for Juniper SRX device available
  12. Option to fetch Rules and Configurations for any CLI supported device to get Unused Rules, Compliance and Change Management reports
  13. New format for Email alert to cater for context based Configuration Changes
  14. Optional privilege available to 'Guest' user to view the generated alerts for the assigned device(s)
  15. Optional privilege available to 'Guest' user to view the Report Profile(s) assigned by Administrators  

Bug Fixes

  1. Identifying Device IP address from the logs imported from Blue Coat proxy server
  2. Collecting intermittent logs of VPN sessions support for Sonicwall, Cisco, Checkpoint and Netscreen Firewall
  3. devices
  4. Added page navigation component in 'Raw Log Search' result page
  5. Importing log files with non-English names/folders from remote machines using FTP is supported
  6. Allowed special characters in SNMP Community string
  7. to fetch SNMP data from devices
  8. Issue in Diagnose Connections when the interface name had special characters

 

7.0.1 - Build 7001 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition.

New Features - Admin Server

The general features available in this release include,

New Features - Collector Server

The general features available in this release include,

 

7.0.1 - Build 7001 - Standalone Edition

The general features available in this release are:

New Features and Enhancements

  1. New Device/Log Format supported
  2. Live Syslog Viewer
  3. Live Report (Device & Interface) for Sonicwall syslogs
  4. Change Management Report for Cisco, Netscreen and Fortigate devices
  5. New reports for Watchguard(Firebox,XTM) such as Spam,Admin,VPN,Attack reports
  6. URL Category reports for most of the firewalls
  7. Notification (Mail & SMS) & Scheduling option for Firewall/devices configuration changes
  8. Device and Interface Live Report population by SNMP(V1,V2,V3)
  9. Device Live connection report by SNMP
  10. MSSQL Cluster Support
  11. External Authentication Support :   Active Directory / Radius Server
  12. Provision to change Interface Display Name
  13. Provision to give Collector Name during installation
  14. Proxy Raw logs search from Advanced Search
  15. Time Series graph option in Custom Report creation
  16. Category criteria based Alert(Normal & Anomaly) creation
  17. Anomaly Alert Threshold options This Week, This Month included
  18. Alert notification enhancement. Send the notifications once and not for This Day, This week, This Month (or) Custom period
  19. Export option(PDF/CSV) for Archive file loading search results
  20. "Product Name" Customization from Rebranding feature

Bug Fixes

  1. Fixed issue in parsing high priority logs of Cisco devices
  2. Cisco WebVPN parsing issue
  3. Cisco Netflow log parsing issue
  4. Interface Live Report traffic direction issue

Known Issue

  1. You can not use Active Directory or RADIUS Server Authenticated Admin user credentials for Data Collection in Admin Server (i.e., from Edit Collector Details page of Collector Settings)

 

7.0 - Build 7000 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition.

New Features - Admin Server

The general features available in this release include,

New Features - Collector Server

The general features available in this release include,

7.0 - Build 7000 - Standalone Edition

The general features available in this release are:

New Features and Enhancements

  1. New Device/Log Format supported
  1. MSSQL Support.
  2. Cisco ASA Netflow log support.
  3. Security Audit and Configuration analysis of firewall device.
  4. Encryption and Time stamping of archived logs.
  5. Username Vs IP Address mapping based on DHCP/Proxy logs.
  6. Exporting of generated alerts.
  7. Local scheduled import.
  8. Report filter criteria enhancements like wildcard symbols etc.
  9. Raw log based displaying of "unknown" protocols.
  10. Provision to create and apply Credential Profile for fetching rules from firewall device
  11. SMS and SNMP support for Firewall Availability Alert
  12. CSV export option in Advanced Search
  13. Bulk Alert Delete
  14. HTTPS option in Install Shield.
  15. Option to customize the mail subject for Report/Alert Profile

Bug Fixes

  1. SMS message i18n issue
  2. SNMP query issue because of jars not set in classpath
  3. Zero values in Traffic statistics table when traffic overview graph has data
  4. "Page Number" and "Date" is not shown in the scheduled PDF report
  5. CSV export got garbled in native Linux machine
  6. Not able to get a PDF report attached in mail after changing the System Property 'pdfReport'
  7. If two guest/operator users are having the same device, then one guest/operator can only view the reports. Another user is not permitted to view the reports
  8. Parsing issue in Destination values of Squid Logs
  9. Truncated/wrong raw log report for the Firewalls' logs with junk characters
  10. Fixed the issue in Importing the Report Profile
  11. Import of log failed when FWA server/service is restarted before the import is completed.
  12. No of rows in raw log PDF exporting fixed.
  13. Anomaly exclude of multiple protocols.
  14. Populating hit count in some second level drill down reports.
  15. In https mode, the "On Demand" report export did not work.
  16. URL attribute fixed in Re-branding.
  17. In 64-bit machines, the UpdateManager.bat hangs while calculating free disk space.
  18. Exporting of Report/Alerts Profiles in https mode.
  19. Problem in exporting of Report profiles.
  20. Assigning scheduler to report profiles due to user privilege constraint fixed.
  21. Issue in handling result code for denied proxy logs in ISA .
  22. Problem in populating URL relates reports for proxy servers.
  23. Issue is populating Live VPN users when there is no ip address related information in VPN Concentrators' connection log.

 

6.0 - Build 6000 - Distributed Edition

GA release of Firewall Analyzer Distributed Edition.

New Features - Admin Server

The general features available in this release include,

New Features - Collector Server

The general features available in this release include,

6.0 - Build 6000 - Standalone Edition

The general features available in this release are:

New Features and Enhancements

Bug Fixes

3. System Requirements

3.1 Platform Requirements

Hardware Platform

Please refer our web site for recommended system requirements.

Software Platform

3.2 Web Browser Requirements

4. Installation

This section explains the key steps for installing Firewall Analyzer. Refer the User Guide for detailed Firewall Analyzer installation information.

4.1 Installing on Windows

    1. Double-click the ManageEngine_FirewallAnalyzer_7_windows.exe file to launch setup program
    2. Follow the instructions as they appear on the screen. Once the installation is complete you will notice a Note tray icon, which provides you with the following options.

      Option Description
      Firewall Server Status
      This option provides you details like Server Name, Server IpAddress , Server Port, Server Status.
      Start WebClient
      This option will open up your default browser and connect you to the web login UI of Firewall Analyzer Server, provided the server has already been started.
      Shutdown Server
      This option will shutdown the Firewall Analyzer Server.

      Note: The tray icon option is only available for Windows !

Uninstalling from Windows

  1. Click on Start > Programs > ManageEngine Firewall Analyzer 7 > Uninstall Firewall Analyzer to uninstall Firewall Analyzer from the machine.

4.2 Installing on Linux

  1. Assign execute permission to the ManageEngine_Firewall_Analyzer_7_linux.bin file using the following command:
    chmod a+x ManageEngine_Firewall_Analyzer_7_linux.bin
  2. Execute the following command:
    ./ManageEngine_Firewall_Analyzer_7_linux.bin

    Note: If you get an error message stating that the temp directory does not have enough space, try executing this command with the -is:tempdir <directory_name> option (where <directory_name> is the absolute path of an existing directory)
    ./ManageEngine_Firewall_Analyzer_7_linux.bin -is:tempdir <
    directory_name>

  3. Follow the instructions in the setup program.

    Uninstalling from Linux

    1. Navigate to the <Firewall Analyzer Home>/server/_uninst directory and execute the following command to uninstall Firewall Analyzer:
      ./uninstaller.bin

4.3 Default Ports

The following are the default ports used by Firewall Analyzer:

Web Server port (to access from a web browser): 8500 (TCP)

Firewall Listener port (to direct firewall, proxy logs): 514, 1514 (UDP)

MySQL port (to connect to the built-in MySQL database): 33336 (TCP)

5. Starting and Shutting Down

5.1 Starting in Windows

  1. Click on Start > Programs > ManageEngine Firewall Analyzer 7 > Firewall Analyzer to start the server.
    Alternatively you can navigate to the <Firewall Analyzer Home>\bin folder, and invoke the run.bat file.
  2. Once the server has successfully started, you can either use the Start WebClient tray-icon Note option or alternatively open a web browser and type the URL, http://<hostname>:8500
    (replace <hostname> with the name of the machine on which Firewall Analyzer is installed, and 8500 with the web server port specified during installation).

    Shutting Down from Windows

    1. Click on Start > Programs > ManageEngine Firewall Analyzer 7 > Shutdown Firewall Analyzer to shut down the server. Alternatively you can navigate to the <Firewall Analyzer Home>\bin folder, and invoke the shutdown.bat file. As already mentioned, you can also make use of the tray-icon Note option Shutdown Server.

5.2 Starting in Linux

  1. Navigate to the <Firewall Analyzer Home>/bin directory and execute the run.sh file to start the Firewall Analyzer server.
  2. Once the server has successfully started, open a web browser and type the URL, http://<hostname>:8500
    (replace <hostname> with the name of the machine on which Firewall Analyzer is installed, and 8500 with the web server port specified during installation)

    Shutting down from Linux

    1. Navigate to the <Firewall Analyzer Home>/bin directory, and execute the shutdown.sh file to shut down the server.

6. Known Issues and Limitations

The following is the known issue of this product:

7. Document Set

The documentation set for this product includes:

The printable PDF version of the User Guide is available at http://www.manageengine.com/products/firewall/FirewallAnalyzer_UserGuide.pdf

8. Contact Information

Technical Support: fwanalyzer-support@manageengine.com
Web site:
http://www.fwanalyzer.com/ | http://manageengine.com/products/firewall/
Toll-free : +1 888 720 9500

Firewall Analyzer licenses usually include the right to patches, service packs, and minor upgrades apart from technical support for one (1) year from the date of purchase. After the first year, Maintenance must be renewed on an annual basis.

9. About ZOHO Corp®

ZOHO Corp. provides affordable software in the areas of network applications and database tools. With a broad product portfolio and an active customer base ranging from enterprises, equipment vendors and service providers, ZOHO Corp. has emerged as a very affordable and high-quality alternative to expensive software that is common in the industry. ZOHO Corp. is headquartered in Pleasanton, CA with offices in NJ,
MA, India, UK, China and Japan and has a well-trained partner base around the globe.

Visit us at http://www.zohocorp.com

Copyright © 2012, ZOHO Corp. All rights reserved.

ZOHO Corp., ManageEngine, Enabling Management Your Way are trademarks of ZOHO Corp. All other trademarks are the property of their respective owners.

10. License Agreement

TERMS OF SALE FOR MANAGEENGINE SOFTWARE PRODUCTS

1. Your Acceptance of the Terms of Sale

Thank you for visiting the Zoho Corporation Private Limited ("we" or "Zoho") website, www.manageengine.com (the "Website"). This document ("Terms of Sale") is a legal agreement between you or the entity that you represent ("you") and Zoho, and governs your download and purchase of ManageEngine software products from the Website.

PLEASE NOTE THAT YOUR USE OF THE WEBSITE TO DOWNLOAD A SOFTWARE PRODUCT CONSTITUTES ACCEPTANCE OF THE TERMS OF SALE, AND TERMS AND CONDITIONS OF THE END USER LICENSE AGREEMENT PROVIDED BELOW. IF YOU DO NOT AGREE TO THE TERMS OF SALE, OR TERMS OF THE END USER LICENSE AGREEMENT, PLEASE EXIT THE WEBSITE WITHOUT CONTINUING THE ORDERING AND/OR DOWNLOADING PROCESS.

2. Purpose

The purpose and intent of this Website is to provide information on software products (the "Software") that we make available for download and purchase through the Website.

3. Download of Evaluation Version

We offer the Software for download on a free trial basis pursuant to an Evaluation License as set out in our End-User License Agreement set forth below ("EULA"). Your use of the copy of the evaluation version of the Software is subject to the applicable terms and conditions of the EULA.

4. Purchase of Commercial Licenses

After the expiration of the evaluation period, you may obtain through the Website a Commercial License of the Software pursuant to the Annual Subscription, Perpetual, or if applicable, the Free Edition, as set out in the EULA. Your use of the copy of the Software is subject to the applicable terms and conditions of the EULA.

Our authorized U.S. reseller, Zoho Corporation ("Distributor"), is responsible for sales of Commercial Licenses within the U.S. region. Your purchase of a Commercial License within the U.S. region is subject to any pricing or any special terms of sale that may be agreed between you and Distributor. You are responsible for providing Distributor with a valid credit card number or other acceptable means of payment to secure payment. Distributor reserves the right to cancel any order if the credit card number you provide is not valid.
END USER LICENSE AGREEMENT

THE following terms constitute a binding agreement between you and Zoho with respect to use of ManageEngine Firewall Analyzer ("Licensed Software")

1. EVALUATION LICENSE:

Zoho Corporation Private Limited ("Zoho") grants to you a non-exclusive, non-transferable, Evaluation License for trial and evaluation of the Licensed software, in binary object code form, for a period of thirty (30) days from the date of download or installation. This License begins upon downloading or installing the Licensed Software and ends thirty (30) days thereafter ("Evaluation Period").

If you are not willing to use the Licensed Software, either the Free Edition or the Professional/Premium/Distributed Edition, after the Evaluation Period, delete all the copies installed in your computer with immediate effect. You are forbidden from using the Licensed Software for any other use or otherwise offering it for resale under the terms of this Section 1. Zoho retains all rights not specifically granted to you herein.

2. COMMERCIAL LICENSE:

Annual Subscription License: As part of your choosing annual subscription license, Zoho grants you a fee-bearing, nonexclusive, non-transferable, world-wide license to Use the Licensed Software including user documentation, updates and upgrades to which you are entitled as well as any plug-ins provided to you during the period of your subscription, provided that such access and Use of the Licensed Software is in accordance with the Single Installation License granted by Zoho. Under the Subscription License, the Licensed Software is licensed only for a subscription period of one year. You must renew your license at least 10 days before the expiry of the subscription period in order to continue using the Licensed Software. If you do not renew the license, you agree to stop using the Licensed Software after end of the subscription period and remove the Licensed Software from your systems

Perpetual License: As part of your choosing perpetual license, Zoho grants you a fee-bearing, nonexclusive, non-transferable, perpetual, world-wide license to Use the Licensed Software including user documentation, updates and upgrades to which you are entitled as well as any plug-ins provided to you, provided that such access and Use of the Licensed Software is in accordance with the Single Installation License granted by Zoho.

"Use" means storing, locating, installing, executing or displaying the Licensed Software according to the license procured by you.

"Single Installation License" means that the license key provided shall not be used for more than one concurrent Use of the Licensed Software.

3. THIRD PARTY PRODUCTS:

The Licensed Software may contain software which originated with third party vendors and without limiting the general applicability of the other provisions of this Agreement, you agree that (a) the title to any third party software incorporated in the Licensed Software shall remain with the third party which supplied the same; and (b) you will not distribute any such third party software available with the Licensed Software, in any manner.

4. RESTRICTIONS ON USE:

In addition to all other terms and conditions of this Agreement, you shall not: (i) install one copy of the Licensed Software on more than one CPU; (ii) remove any copyright, trademark or other proprietary notices from the Licensed Software or its copies; (iii) make any copies except for one back-up or archival copy, for temporary emergency purpose; (iv) rent, lease, license, sublicense or distribute the Licensed Software or any portions of it on a standalone basis or as part of your application; (v) modify or enhance the Licensed Software; (vi) use the Licensed Software in a computer-based services business or publicly display visual output of the Licensed Software or use the Licensed Software for the benefit of any other person or entity; (vii) reverse engineer, decompile or disassemble the Licensed Software; or (viii) allow any third parties to access, use or support the Licensed Software.

5. TECHNICAL SUPPORT:

As part of subscription license, Zoho provides support that includes email support for problem reporting, product updates, upgrades and online access to product documentation at no additional cost for the period of subscription. Technical Support is not included as part of perpetual license. You may purchase technical support services for perpetual license by paying the then current maintenance and support fee.

6. COLLECTION OF USAGE DETAILS

ZOHO collects details pertaining to your usage of the Licensed Software such as the license details, type of installation, configuration of database, configuration of data storage, configuration of the system in which the Licensed Software is installed, statistics pertaining to the total number of devices and total number of events handled, top pages visited, and frequency of use of the various features of the Licensed Software. ZOHO agrees to furnish the data collected regarding your usage of the Licensed Software upon request by you. You understand and acknowledge that collection of Usage Details is enabled by default and that it needs to be disabled through the Licensed Software's user interface if you do not wish to allow ZOHO to collect Usage Details.

7. OWNERSHIP AND INTELLECTUAL PROPERTY:

Zoho owns all right, title and interest in and to the Licensed Software. Zoho expressly reserves all rights not granted to you herein, notwithstanding the right to discontinue or not to release any Licensed Software and to alter prices, features, specifications, capabilities, functions, licensing terms, release dates, general availability or characteristics of the Licensed Software. The Licensed Software is only licensed and not sold to you by Zoho.

8. AUDIT:

Zoho has the right to audit your Use of the Licensed Software by providing at least seven (7) days prior written notice of its intention to conduct such an audit at your facilities during normal business hours.

9. CONFIDENTIALITY:

The Licensed Software contains proprietary information of Zoho that are protected by the laws of the United States and you hereby agree to take all reasonable efforts to maintain the confidentiality of the Licensed Software. You agree to reasonably communicate the terms and conditions of this Agreement to those persons employed by you who come into contact with or access the Licensed Software, and to use reasonable efforts to ensure their compliance with such terms and conditions, including but not limited to, not knowingly permitting such persons to use any portion of the Licensed Software for a purpose that is not allowed under this Agreement.

10. WARRANTY DISCLAIMER:

Zoho does not warrant that the Licensed Software will be error-free. Except as provided herein, the Licensed Software is furnished "as is" without warranty of any kind, including the warranties of merchantability and fitness for a particular purpose and without warranty as to the performance or results you may obtain by using the Licensed Software. You are solely responsible for determining the appropriateness of using the Licensed Software and assume all risks associated with the use of it, including but not limited to the risks of program errors, damage to or loss of data, programs or equipment, and unavailability or interruption of operations.

11. LIMITATION OF LIABILITY:

In no event will Zoho be liable to you or any third party for any special, incidental, indirect, punitive or exemplary or consequential damages, or damages for loss of business, loss of profits, business interruption, or loss of business information arising out of the use or inability to use the program or for any claim by any other party even if Zoho has been advised of the possibility of such damages. Zoho's entire liability with respect to its obligations under this agreement or otherwise with respect to the Licensed Software shall not exceed the amount of the license fee paid by you for the Licensed Software.

12. INDEMNIFICATION:

Zoho agree to indemnify and defend you from and against any and all claims, actions or proceedings, arising out of any claim that the Licensed Software infringes or violates any valid U.S. patent, copyright or trade secret right of any third party; so long as you provide; (i) prompt written notice to Zoho of such claim; (ii) cooperate with Zoho in the defense and/or settlement thereof, at Zoho's expense; and, (iii) allow Zoho to control the defense and all related settlement negotiations. The above is Zoho's sole obligation to you and shall be your sole and exclusive remedy pursuant to this Agreement for intellectual property infringement.

Zoho shall have no indemnity obligation for claims of infringement to the extent resulting or alleged to result from (i) any combination, operation, or use of the Licensed software with any programs or equipment not supplied by Zoho; (ii) any modification of the Licensed Software by a party other than Zoho; and (iii) your failure, within a reasonable time frame, to implement any replacement or modification of Licensed Software provided by Zoho.

13. TERMINATION:

This Agreement is effective until terminated by either party. You may terminate this Agreement at any time by destroying or returning to Zoho all copies of the Licensed Software in your possession. Zoho may terminate this Agreement for any reason, including but not limited to your breach of any of the terms of this Agreement. Upon termination, you shall destroy or return to Zoho all copies of the Licensed Software and certify in writing that all know copies have been destroyed. All provisions relating to confidentiality, proprietary rights, non-disclosure, and limitation of liability shall survive the termination of this Agreement.

14. GENERAL:

If you are a resident of the United States or Canada, this Agreement shall be governed by and interpreted in all respects by the laws of the State of California, without reference to conflict of laws' principles, as such laws are applied to agreements entered into and to be performed entirely within California between California residents. If you are a resident of any other country, this Agreement shall be governed by and interpreted in all respects by the laws of the Republic of India without reference to conflict of laws' principles, as such laws are applied to agreements entered into and to be performed entirely within the Republic of India between residents of the Republic of India. If you are a resident of the United States or Canada, you agree to submit to the personal jurisdiction of the courts in the Northern District of California. If you are a resident of any other country, you agree to submit to the personal jurisdiction of the courts in Chennai, India. This Agreement constitutes the entire agreement between the parties, and supersedes all prior communications, understandings or agreements between the parties. Any waiver or modification of this Agreement shall only be effective if it is in writing and signed by both parties hereto. If any part of this Agreement is found invalid or unenforceable, the remainder shall be interpreted so as to reasonable effect the intention of the parties. You shall not export the Licensed Software or your application containing the Licensed Software except in compliance with United States export regulations and applicable laws and regulations.


©2012 ZOHO Corp. All Rights Reserved.